/**
 * Copyright (c) 2005-2012 https://github.com/zhangkaitao
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 */
package org.apache.shiro.web.filter.authc;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.springframework.beans.factory.annotation.Autowired;

import com.jack.vipmis.system.user.entity.User;
import com.jack.vipmis.system.user.service.UserService;

import javax.servlet.ServletRequest;

/**
 * 基于几点修改： 1、onLoginFailure 时 把异常添加到request attribute中 而不是异常类名 2、登录成功时：成功页面重定向：
 * 2.1、如果前一个页面是登录页面，-->2.3 2.2、如果有SavedRequest 则返回到SavedRequest
 * 2.3、否则根据当前登录的用户决定返回到管理员首页/前台首页
 * <p/>
 * <p>
 * User: Zhang Kaitao
 * <p>
 * Date: 13-3-19 下午2:11
 * <p>
 * Version: 1.0
 */
public class CustomFormAuthenticationFilter extends FormAuthenticationFilter {

	@Autowired
	UserService	userService;

	@Override
	protected void setFailureAttribute(ServletRequest request, AuthenticationException ae) {
		request.setAttribute(getFailureKeyAttribute(), ae);
	}

	/**
	 * 默认的成功地址
	 */
	private String	defaultSuccessUrl;
	/**
	 * 管理员默认的成功地址
	 */
	private String	adminDefaultSuccessUrl;

	public void setUserService(UserService userService) {
		this.userService = userService;
	}

	public void setDefaultSuccessUrl(String defaultSuccessUrl) {
		this.defaultSuccessUrl = defaultSuccessUrl;
	}

	public void setAdminDefaultSuccessUrl(String adminDefaultSuccessUrl) {
		this.adminDefaultSuccessUrl = adminDefaultSuccessUrl;
	}

	public String getDefaultSuccessUrl() {
		return defaultSuccessUrl;
	}

	public String getAdminDefaultSuccessUrl() {
		return adminDefaultSuccessUrl;
	}

	/**
	 * 根据用户选择成功地址
	 * 
	 * @return
	 */
	@Override
	public String getSuccessUrl() {
		String username = (String) SecurityUtils.getSubject().getPrincipal();
		User user = userService.findByUsername(username);
		if (user != null && Boolean.TRUE.equals(user.getAdmin())) {
			return getAdminDefaultSuccessUrl();
		}
		return getDefaultSuccessUrl();
	}
}
